stickynote427

roopurt18: That's true, in this case. I was kind of hoping for a way you could specify exact characters to not remove. What would the regexp look like for a-z, 0-9, and _, @, and .? Mchi: Okay, so is it safer to use mysql_real_escape_string() by itself instead of with magic quotes ("smart quotes"...yeah, my mistake, sorry). And I will look into prepared statements. Thanks.

Thanks. What do you mean it's logic dead? Can you give an example of a string entered in which an array like ("ab","def","s","t","u","wxyz") would be returned? I don't really understand. :-/ I used preg_split() instead of explode and I seem to get the same results. (EDIT: Never mind, I'm getting some errors returning the stripped string.)

I was reading about SQL injections at school today and thought it would be smart to apply some sort of character stripping on my pages that use user input with SQL queries, along with the smart quotes and mysql_real_escape_string() that I think I already have. Basically, I want to strip everything except allowed characters (that I specify) from a string before using it. Like, a function that does the opposite of str_replace(). Is there something like this? I had written a piece of code that seemed to do this fairly well, but now I can't seem to be getting it to work. <?php $string="yo"; // string to remove from $allowed = array("a","b","c","d","e","f","g","h","i","j","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z"); // allowed characters $removeString = str_ireplace($allowed,"|",$string); // replaces all good characters with |, leaving only bad characters $remove = explode("|",$new); // put all bad characters that are in the string in to an array if (str_ireplace($remove,"",$string) != $string) // if the bad characters removed from the string is not equal to the original string { echo "There was an error."; } else // if no bad characters were stripped { echo "Success."; } ?> But I get "Success." every time, regardless if the string has non-alpha characters. Thanks.

Okay, I think I can get this to work for me now. If I have any questions, I'll be sure to post them. Thanks a lot!

Ah, I see. Everything appears to be squished on one line. I don't know why that would happen, though. :-/ It also seems my FTP client (FileZilla) wasn't correctly/successfully transferring the file. When I tried transferring the file once, it popped up with a window verifying that I wanted to overwrite the current file; it said the new file size was 1.5something KB and the old file was 1.4something. After transferring it again, the old file size didn't change to the new file size like it should have. I logged in to my hosting control panel in my browser and tried uploading it there; now it works fine. Thanks for your help!

I cleared my cache, but I still receive the same error. (A different browser, which would not have a cached copy like that, also produces the same results.) I added the header info to very top of the page (after the <?php on line 1) and I receive unexpected T_STRING instead.

I have a feedback form on my site. It was working yesterday, I think, but last night I backed up all of the files on the site because I was be going to make some major changes to them that I wasn't sure would work (so far all is going well, though). After working on the changes for a while, I wanted to change a little something on the feedback form. After I did that, when I try loading the form, I get this: After trying to fix this last night, and some this morning, I decided to just restore the backup I made last night, as I didn't make any huge changes to the feedback form and no work would be lost by restoring it. After restoring, it still doesn't work. I get the same error. I am confused, though, because there isn't even a right curly bracket on line 1 in feedback.php. <?php session_start(); $pageTitle = "Send Feedback"; require_once( "include.php" ); if ( isset($_POST['feedbackSubmit']) ) { $to = "example@example.com"; $from = $_POST['name']." <".$_POST['email'].">"; $subject = "Feedback from ".$_SERVER['REMOTE_ADDR']; $message = "Name: ".$_POST['name']."\nUsername: ".$_POST['username']."\nEmail: ".$_POST['email']."\nTopic: ".$_POST['topic']."\nMessage:\n".$_POST['message']; $headers = "From: ".$from; if ( mail($to, $subject, $message, $headers) ) { echo "<p>Your message was delivered successfully.</p>"; } else { echo "<p>There was an error delivering your message. Please go back and try again.</p>"; } } else { ?> <p>Please fill out the form below to leave feedback about the game.</p> <table> <form name="feedbackForm" method="POST" action="<?=$_SERVER['PHP_SELF'];?>"> <tr><td>Name:</td><td><input type="text" name="name"/></td></tr> <tr><td>Username:</td><td><input type="text" name="username"/></td></tr> <tr><td>Email:</td><td><input type="text" name="email"/></td></tr> <tr><td>Topic:</td><td><select name="topic"> <option value="bug report">Bug report</option> <option value="option/feature suggestion">Option/feature suggestion</option> <option value="question">Question</option> <option value="other">Other</option></select></td></tr> <tr><td>Message:<br/><textarea name="message" cols="20" rows="10"></textarea><br/><input type="submit" name="feedbackSubmit" value="Send"/></td></tr> </form> </table> <?php } ?> </div> </body> </html> I've tried commenting out the require_once() part, but that doesn't solve the problem. That page is used on many other pages on my site, and those pages work fine, so it shouldn't be a problem with that anyways. Any ideas? Thanks.

Thank you; I think that your method was very helpful. I just want to make sure that I am understanding this correctly so far: there will be duplicate IDs in the table, correct? So, it might look something like this? player_id | location | [...] ---------------------------- 1 | 2 | [...] 1 | 18 | [...] 1 | 43 | [...] 2 | 8 | [...] 2 | 19 | [...]

But with that table there, how would multiple coordinates look? The table seems to make sense and looks nice, but what would it look like with multiple buildings? Would there just be duplicates in the player_id column with building_id and coordinate being different?

Okay, so something like this? USER | 3CELLS | 4CELLS ----------------------- USER1 | | USER2 | | USER3 | | I'm confused as to what would go in the 3CELLS and 4CELLS columns, though. I'm also confused as to what the 3-cell and 4-cell map table would look like. Sorry if I'm missing something obvious here.

Never tried, but this and this look like they might be helpful.

I've been working on a multiplayer browser-based game for the past few days, and it's actually going surprisingly well. One aspect of the game is a personal map, where you can build farms, cottages, and soon, many other things. Right now, the map is a 3x3 grid; each piece of the map has its own coordinate. In my database, I have these listed as AA, AB, AC, BA, BB, BC, CA, CB, and CC. These fields in the database contain what building is on each coordinate (like "browncottage" or "farm(corn)"). This appears to be working fine, and when I purchase buildings and put them on each unit, they show up fine. However, I really don't think that a separate row for each unit is very efficient. If I want to upgrade to a larger map (4x4, 5x5, etc.), I have to insert all new rows in the table, as well as other miscellaneous code in my pages that pertain to the map. Also, if I want to store other information (like, if the building is damaged, or time left for repairs, etc.) for each unit, all I can think of is to create even more rows in the same table. If my question is confusing, I would be happy to explain more. There just has to be a better way to do this, though. Thanks! stickynote427

I recently wrote some code to create a navigation for part of my website. How it works is that two arrays are given; one contains the text for the links, and the other contains the URLs for the links. It then modifies the URLs a little and creates the links automatically, with dividers. It also disables the link for the current page (so, if there was a link to example.com/products.php, and products.php was actually the page you were on, it would just echo "Products" instead of an A tag). Here is the code: <?php // your domain name $domain = "http://www.example.com"; // the URLs to the pages you want in the navigation $href = array("index.php","about.php","products.php","contact.php"); // the text that will appear inside the A tags $link = array("Home","About Us","Products","Contact Us"); // text used to divide links $div = "|"; for ($i=0;$i<count($href);$i++) { $subcnt = strrpos($_SERVER['PHP_SELF'],"/"); // add the domain to the URLs $href[$i]=$domain.substr($_SERVER['PHP_SELF'],0,$subcnt+1).$href[$i]; // echo the navigation if ($domain.$_SERVER['PHP_SELF'] == $href[$i]) { // if this is the last link, do not add the divider if ($i == count($href)-1) { echo $link[$i]; } // if this is NOT the last link, add the divider else { echo $link[$i]." ".$div." "; } } else { // if this is the last link, do not add the divider if ($i == count($href)-1) { echo "<a href=\"".$href[$i]."\">".$link[$i]."</a>"; } // if this is NOT the last link, add the divider else { echo "<a href=\"".$href[$i]."\">".$link[$i]."</a> ".$div." "; } } } ?> This code works fine on my site, but I have also placed it on my site for others to use. I'm just not sure if it will work if I try to use deeper directories (right now all of the URLs in the $link array link to pages in the same directory as the page running the script) or if others try to modify it for their navigations. Any flaws that might be worth pointing out? Thanks. stickynote427

I'm pretty new to MySQL and want to create a few pages that will just let me register user names, passwords, and email addresses to the database, log in, go to a logged-in-only page, and log out. I've tried the tutorial here, and I can register users to the database, but no matter what I do I can't seem to log in, even with the correct user names and passwords. If anyone has any links to easy-to-follow tutorials, I'd very much appreciate it. Thanks! stickynote427

http://blakechesney.com/pages/howto/2/tut2.txt

Alright, well, I tried this: echo file_get_contents('http://example.com/pages/howto/'.$_GET['t'].'/tut'.$_GET['t'].'.txt'); And I get this error message: And went to http://example.com/pages/howto/2/tut2.txt and I can see the file fine.

Okay, now I receive:

Oh, lord. I apologize. I'm also having problems with MySQL and did not realize that this was not where I was trying to get help with MySQL. I added the PHP code that thorpe provided earlier to the CORRECT file this time. Here is the error I receive: Again, I'm sorry about my mistake.

I'm confused. This is all of the code I have in my file: <?php ini_set('display_errors','1') ; error_reporting(E_ALL) ;?> <?php $con = mysql_connect("localhost","root",""); if (!$con) { die('Could not connect: ' . mysql_error()); } if (mysql_query("CREATE DATABASE my_db",$con)) { echo "Database created"; } else { echo "Error creating database: " . mysql_error(); } mysql_close($con); ?>

Thanks. This is what I get: I have tried different usernames and passwords as well and those do not work, either.

Using require() unfortunately gives me the same result. Using file_get_contents() displays the rest of the page like I want it to, but the content of the example file is still not included.

I have a tutorials page on my site. A parameter in the URL determines the tutorial displayed, and if a "code" parameter is set, then that example for the tutorial will be displayed instead. However, when I try to include() the example file, my entire page does not load; I'm assuming because include() is obviously run in PHP, as well as the file starting out with some PHP code. Here's what I have at the top of my tutorials page: <?php if (isset($_GET['t'])) { //if a tutorial is specified if (isset($_GET['code'])) { //check if the example should be shown include('howto/'.$_GET['t'].'/code'.$_GET['t'].'.txt'); //include the example file } else { //if the example file should not be shown include('howto/'.$_GET['t'].'/tut'.$_GET['t'].'.txt'); //include the tutorial file } echo("<a href=\"http://blakechesney.com/p/howto\">Return to the main how-to page</a>"); //echo navigation back to the main page } else { // perform actions related to the main page; probably irrelevant to my problem ?> When the "code" parameter is set, though, the page only loads up to the point until I want to include() the example file. Any ideas? Thanks. stickynote427

Agh, sorry. I think I have solved the problem. Here is my new code: <?php $themeArray=array( 'red', 'green', 'blue', 'purple', 'black'); $colorArray=array( 'green', 'red', 'orange', 'yellow', 'white'); if (in_array($_COOKIE["theme"],$themeArray)) { $color=$colorArray[array_search($_COOKIE["theme"],$themeArray)]; $themeType="color"; } ?> The code first sets a theme array with the background colors, and then a color array with the corresponding font colors. It then checks to see if the value of the theme cookie is in the theme array, and if it is, find the key of the background color in the array, and set $color to the value in the color array that has the corresponding key. I'm sure that sounded confusing, but my code seems to work now. I apologize for any inconvenience. Thanks. stickynote427

I'm trying to create a rudimentary theme-selection page on my site, for future use. I have a small form that allows you to change the background color of the page; your selection is saved in a cookie so that the color is still applied when the page is visited later. I also want text colors that I define to go along with each background color, which the visitor chooses. However, I'm having a problem. Here is the code I have: <?php switch($_COOKIE["theme"]) { case 'red': $color="green"; $themeType="color"; break; case 'green': $color="red"; $themeType="color"; break; case 'blue': $color="orange"; $themeType="color"; break; case 'purple': $color="yellow"; $themeType="color"; break; case 'black': $color="white"; $themeType="color"; break; ?> But I think it is redundant and unnecessary to repeat $themeType="color"; over and over again, and it would be a bit of a nuisance to have to add in if I wanted to add more colors later. I tried fixing this by using something like this: <?php switch($_COOKIE["theme"]) { case 'red': $color="green"; case 'green': $color="red"; case 'blue': $color="orange"; case 'purple': $color="yellow"; case 'black': $color="white"; $themeType="color"; break; } ?> But that does not work. Here is basically want I want my PHP code to do: if the cookie has a value of red, set $color to green; if it has a value of green, set $color to red, and so on. Then, no matter what the cookie's value is, set $themeType to color. Any ideas? Thanks. stickynote427

I use this method for requiring a user name and password before a page is viewable. <?php //the correct user name and password $un="username"; $pw="password"; //if the form has not been submitted if (!isset($_POST['submitBtn'])) { ?> <form name="authForm" method="POST" action="<?=$_SERVER['PHP_SELF'];?>"> User name: <input type="text" name="username"><br> Password: <input type="password" name="password"><br> <input type="submit" value="Log In" name="submitBtn"> </form> <?php } else { //if the correct user name and password match the submitted user name and password if ($_POST['username']==$un && $_POST['password']==$pw) { ?> You entered the correct user name and password. Welcome to the hidden page! <?php exit; } //if the user name and password did both not match else { echo "You entered incorrect details. Please try again below.<br>"; } ?> <form name="authForm" method="POST" action="<?=$_SERVER['PHP_SELF'];?>"> User name: <input type="text" name="username"><br> Password: <input type="password" name="password"><br> <input type="submit" value="Log In" name="submitBtn"> </form> <?php } ?> Just wrote this from scratch and tested it; it should work fine. Tell me what you think. stickynote427